Menu

TLS Security update - Upgrading to version 1.2

As of June 30th, 2018 The Payment Card Industry Security Standards Council is requiring that we upgrade the minimum version of TLS supported by our servers to be 1.2. Further information can be found here.


In order to support this requirement, Thinkific has updated our servers on June 5, 2018 to remove support for TLS 1.0 and 1.1. 


What steps we've taken

We have worked with all of our Integration partners to ensure the necessary updates are made for seamless connectivity with this upgrade.


Browser Support for TLS 1.2

In addition to Integrations, TLS can also impact the functionality of out of date browsers. We recommend upgrading your browser to the currently supported version if you are viewing Thinkific with an out of date browser.


The following is a list of browser versions that officially supports TLS 1.2.

  1. Chrome - v30 and up supports TLS 1.2.
  2. Firefox - v27 enables 1.2 by default.
  3. Internet Explorer - v11 supports TLS 1.2 from Feb 2013.
  4. Opera - v17 has added support for TLS 1.2.
  5. Safari - v5 on iOS and v7 on OS X have added support for up to TLS 1.2.


 


Developers:

Test your API & integration support

If you have integrations that are dependent on our API, it’s important that you verify that any custom code you have written or other libraries that consume our API are compliant with TLS v1.2 and greater.


In order to verify that your custom code will continue to work, you should attempt to access our API through our test server at https://tlstest.thinkific.com from the server where your custom code is executed. We recommend running a simple query for users. Below are examples of how you can accomplish this in Ruby and Javascript (Node).


Upon execution, you will receive a success or failure message.  If you encounter a message that reveals that you do not currently support TLS 1.2, you will need to perform the necessary updates to ensure seamless functionality going forward.


Ruby

require 'rest-client'

API_KEY = 'your API key'
SUBDOMAIN = 'your subdomain'
API_ENDPOINT = 'https://tlstest.thinkific.com/api/public/v1/users'

def testTls
  RestClient::Request.execute(
    method: :get,
    url: API_ENDPOINT,
    verify_ssl: false, # Not recommended for production code!
    headers: {
        'X-Auth-API-Key' => API_KEY,
        'X-Auth-Subdomain' => SUBDOMAIN
    }
  )
end

begin
  testTls()
rescue Errno::ECONNRESET => ex
  puts 'TLS 1.2 is not supported by your client code'
end


Javascript (Node)

const https = require("https")

const API_KEY = 'your API key'
const SUBDOMAIN = 'your subdomain'
const API_ENDPOINT = 'tlstest.thinkific.com'

const testTls = () => {

  const options = {
    hostname: API_ENDPOINT,
    port: 443,
    path: '/api/public/v1/users',
    method: 'GET',
    headers: {
      "X-Auth-API-Key": "API_KEY",
      "X-Auth-Subdomain": SUBDOMAIN
    }
  }

  const req = https.request(options, (res) => {
    res.on("data", (data) => {
      console.log("TLS 1.2 supported, no action required.")
    })
  })

  req.end()

  req.on("error", (err) => {
    if (err.code == "ECONNRESET") {
      console.log("TLS 1.2 not supported! You will need to upgrade")
    } else {
      console.log("Unknown error talking to Thinkific, please try again later.")
    }
  })
}

testTls()



Further Reading

1. https://blog.pcisecuritystandards.org/migrating-from-ssl-and-early-tls


Did you find it helpful? Yes No

Send feedback
Sorry we couldn't be helpful. Help us improve this article with your feedback.